The Lookout security company detected 170 dangerous apps. 25 were on the Google Play Store.
More than 90,000 people fell for these types of scams, which are difficult to detect.
In a world in which there are more and more apps for cryptocurrencies of the Android operating system, you have to be very cautious, and especially with those that promise money gains. In this regard, a company dedicated to computer security warned about 170 mobile applications to mine cryptocurrencies in the cloud that could result in scams using the Bitscam and Cloudscam methods.
According to the report published by Lookout, a company based in California, United States, there are many apps that can be dangerous, despite being offered as an alternative to mine cryptocurrencies in the cloud and generate money with them. Lookout’s analysis, signed by security engineer Ioannis Gasparis, details that 930,000 people have been scammed by these Android apps. In addition, more than 350,000 dollars were stolen with this criminal modality, both in fiat money (that is, that issued by the central bank of a country) and in cryptocurrencies.
The experts who conducted the survey detailed that 25 of the 170 apps flagged as malicious could be found on the Google Play Store. This means that they were fully available to the public until they were removed from the virtual store, following the warning by these experts.
There are two methodologies used to attack the cryptocurrency accounts of the victims. The first is called Bitscam, and it consists of infiltrating malware into the mobile phone to violate the user’s accounts in wallets and exchanges and thus steal their crypto assets. Meanwhile, the second technique, the Cloudscam, goes a step further, since it can also compromise bank accounts and all kinds of data stored in the cloud.
Paid apps that promise bogus rewards on the Google Play Store
To lure their victims, these apps guarantee payments in exchange for the user “renting” processing capacity to mine cryptocurrencies. Subsequently, they claim to distribute the rewards according to the contribution of each of the participants in the process.
However, such promises are never kept, instead developers simply use the occasion to introduce malware that steal sensitive information from user accounts. Furthermore, these applications they keep the money people pay to buy the application and then the upgrades and subscriptions which are offered in it to – in theory – achieve better performance. These purchases can amount to approximately USD 260, the statement said.
According to Lookout, what makes these apps hard to detect is that, in many cases, they don’t do anything that looks suspicious. Indeed, many “function only as a shield to collect money” in exchange for services that do not actually materialize.
Cryptocurrency mining and the proliferation of scams
As the CriptoNoticias Criptopedia explains, cryptocurrency mining consists of solving complex mathematical problems to validate transactions and issue new cryptocurrencies. One of the strategies to mine is the mining pools, in which several users contribute their processing power and receive rewards that are proportional to this. Cloud mining is basically the same thing, but instead of buying mining equipment, you “rent” this processing power from a third party.
Cloud mining applications have the disadvantage that they are more susceptible to scams. In this sense, the Lookout report indicates that An unsophisticated and inexperienced code pattern was detected in malicious apps. Also, the cryptocurrency reward balances and processing power shown were fictitious. Even these apps do not even allow you to withdraw the accumulated balance.
With the growth of the popularity of cryptocurrencies, many “newbies” enter this world and thus become easy targets for scammers. Given this, education and information are essential, and there is more and more material dedicated to preventing these crimes. For example, as CriptoNoticias reported, exists even until a documentary on Netflix that explains what Ponzi schemes consist of in the field of cryptocurrencies and that they can help, along with other sources, to avoid falling into this type of crime.